ARTIFACTORY: How to test webhooks in Artifactory and check its request payload

ARTIFACTORY: How to test webhooks in Artifactory and check its request payload
Products
Frog_Artifactory
Content Type
Use_Case
AuthorFullName__c
Tatarao Vana
articleNumber
000005234
FirstPublishedDate
2022-03-29T10:44:11Z
lastModifiedDate
2025-05-22
VersionNumber
8
Introduction 

A webhook is an automated notification mechanism that is triggered by events that you define. When a webhook is triggered, it sends relevant information about the event to a web location that is listening for that specific event notification. The webhook is comprised of three simple components – the triggering event, the information about the event (the “payload”), and the web location listening for the event.


Configuring  WebHooks

To configure Webhook in Artifactory, navigate to Administration Module | General | Webhooks section and click on the New Webhook option.

Open the test webhook website(https://webhook.site/), which is publicly available. This site will provide us with the sample URL for configuring the webhook and checking the request payload.

In the webhook configuration, provide the webhook name, description, and unique URL from the above website. Use the proxy configuration if needed, or you may leave it blank. Select the event(Ex, Artifact was deployed) in the Events section to trigger the Webhook notification.

In this example, we are not using any sort of authentication. In case we configure the actual webhook URL, which might require authentication or custom headers, we can specify it in the platform UI.

Here is the screenshot of the example webhook configuration and successful test connection.

User-added image


User-added image

The payload of the webhook looks like below.

User-added image

In this article, we have provided details about how to configure a sample webhook. However, we can configure the actual URL of the Webhook endpoint similarly.

By default, private networks are not allowed to be used as Webhook targets for security reasons and would not pass validation. In that case, we recommend setting the following parameters in system.yaml file for event service as mentioned in how to disable Artifactory Webhook validation
Webhooks:
security:
    blacklist:
      ## When true private networks (loopback, RFC1918, RFC3927, and IPV6 unique local addresses) will not be allowed
      ## as webhook targets (used to prevent probing the network using SSRF)
      enabled: false

Logging:
In case of issues, you may enable the Event service debugging in the system.yaml file to understand the root cause of it. The change below requires a restart of the Artifactory service. 
 event:
    logging: 
      application:
        level: "debug"